Sample viewer

vx.netlux.org/Virus.DOS.HLLC.17552

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:23.920416355Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:23.922432594Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:44:23.924786569Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:44:23.927075346Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:44:23.929251377Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:23.930632758Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:23.931981Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:44:23.934102453Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:44:23.936379705Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:44:23.937882079Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:44:23.939414536Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:44:23.942573208Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:44:23.944659201Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:44:23.94624957Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:44:23.948449367Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:44:23.949971163Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:44:23.951420743Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:44:23.953287906Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:23.95466031Z	53	PC: 1546a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:44:23.956037596Z	37	PC: 1547f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:23.957787455Z	37	PC: 15487 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:23.959498546Z	37	PC: 1548f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:23.961073042Z	37	PC: 15497 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:23.963680616Z	68	PC: 161d0 \| I/O control for devices (Set for = '��>��ڀ')
2018-12-17T22:44:24.054630459Z	37	PC: 14c41 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:44:24.05630431Z	26	PC: 152cd \| Set disk transfer address
2018-12-17T22:44:24.057617787Z	78	PC: 152d9 \| Find first file
2018-12-17T22:44:24.06468107Z	26	PC: 152cd \| Set disk transfer address
2018-12-17T22:44:24.066321271Z	78	PC: 152d9 \| Find first file
2018-12-17T22:44:24.072645949Z	25	PC: 15d88 \| Get default drive
2018-12-17T22:44:24.074678895Z	71	PC: 15d9b \| Get current directory
2018-12-17T22:44:24.078116042Z	26	PC: 152cd \| Set disk transfer address
2018-12-17T22:44:24.079443552Z	78	PC: 152d9 \| Find first file
2018-12-17T22:44:24.087739715Z	60	PC: 161b4 \| Create or truncate file
2018-12-17T22:44:24.107478263Z	68	PC: 161d0 \| I/O control for devices (Set for = '��>��ڀ')
2018-12-17T22:44:24.109721214Z	64	PC: 15863 \| Write file or device (Write 14 bytes on handle 5)
2018-12-17T22:44:24.115061475Z	62	PC: 158a2 \| Close file
2018-12-17T22:44:24.126909008Z	61	PC: 161b4 \| Open file (Filename = 'UOMENYS.DAT')
2018-12-17T22:44:24.135138591Z	63	PC: 15831 \| Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:44:24.139609088Z	62	PC: 158a2 \| Close file
2018-12-17T22:44:24.141781369Z	65	PC: 15d0a \| Delete file (Filename = 'UOMENYS.DAT')
2018-12-17T22:44:24.155777569Z	61	PC: 15bc1 \| Open file (Filename = 'A:\\TEST.EXE')
2018-12-17T22:44:24.159955215Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:24.162258302Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:44:24.163303946Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:44:24.164262143Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:44:24.178394445Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:24.179399877Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:24.180433051Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:44:24.181998174Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:44:24.183001018Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:44:24.18390199Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:44:24.185516704Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:44:24.186547762Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:44:24.187463787Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:44:24.188905939Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:44:24.190121513Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:44:24.191329861Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:44:24.192782626Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:44:24.194019705Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:24.195052179Z	37	PC: 155c1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:44:24.196440176Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.198974081Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.201078648Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.203399763Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.206121278Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.208402797Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.210813017Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.214285404Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.216525886Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.218767369Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.221847187Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.224088251Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.226188379Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.228621372Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.230870908Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.233132333Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.235922497Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.238118525Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.240126174Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.24307242Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.245468793Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.247754796Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.250859321Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.253518065Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.256247032Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.25985193Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.262404403Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.265135257Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.268189342Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.270910621Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.273572577Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.276554716Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.278700389Z	6	PC: 15648 \| Direct console I/O
2018-12-17T22:44:24.282831804Z	76	PC: 15600 \| Terminate with return code (Return code = '5')